LDAP broken after upgrading from 9.2.1 to 9.3

Status
Not open for further replies.

freenas1

Hello all,
My FreeNAS is configured to use an LDAP "OpenLDAP" server for AFP shares.
Since I've upgraded to 9.3, I get this error:
Aug 27 15:43:20 olympe sssd[be[LDAP2]]: Could not start TLS encryption. error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (unable to get local issuer certificate)

According to the doc:
http://doc.freenas.org/9.3/freenas_system.html#cas
I have to import the CA certificate of my LDAP server, called cacert.pem (this is the certificate I deploy on Linux clients, for instance).
The doc said:
"If your organization already has a CA, you can import the CA’s certificate and key"
but it doesn't work, as the window requires a passphrase I never had.

Even in this thread:
https://forums.freenas.org/index.php?threads/ldap-config-certificate-drop-down-list-empty.27762/, it was said:
The certificate field in the advanced LDAP config should point to the CA that signed the certificate of the LDAP server. You can upload the CA certificate under: System > CAs

If it is not possible with the GUI, is it possible by CLI? Is it a correct workaround?

Thanks in advance for help,
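
The sssd error quoted in the post above is the verifier reporting that it has no local certificate for the CA that issued the LDAP server's certificate. As an added example (not part of the thread and not FreeNAS code), this script reproduces that verdict with `openssl verify` on constructed certificates; the names `ldap-ca`, `other-ca` and `ldap.example.test` are assumptions.

```shell
#!/bin/sh
# Added example: every key and certificate below is constructed test material.

# make_ca <dir> <name>: self-signed CA certificate <dir>/<name>.pem plus its key
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 2 -subj "/CN=$2" \
        -keyout "$1/$2.key" -out "$1/$2.pem" 2>/dev/null
}

# make_server_cert <dir> <ca-name> <host>: server certificate signed by that CA
make_server_cert() {
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$3" \
        -keyout "$1/$3.key" -out "$1/$3.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/$3.csr" -CA "$1/$2.pem" -CAkey "$1/$2.key" \
        -CAcreateserial -days 2 -out "$1/$3.pem" 2>/dev/null
}

# check_chain <ca-file> <server-cert>: prints "ok" when the CA file verifies
# the server certificate, otherwise the reason given by the verifier.
check_chain() {
    if out=$(openssl verify -CAfile "$1" "$2" 2>&1); then
        echo ok
    else
        # Keep only the reason text from "error N at D depth lookup: <reason>"
        echo "$out" |
            sed -n 's/^error [0-9]* at [0-9]* depth lookup: *//p' | head -n 1
    fi
}

# demo: one server certificate checked against its issuing CA and against an
# unrelated CA (the situation a client is in before the right CA is imported).
demo() {
    d=$(mktemp -d) || return 1
    make_ca "$d" ldap-ca && make_ca "$d" other-ca &&
        make_server_cert "$d" ldap-ca ldap.example.test ||
        { rm -rf "$d"; return 1; }
    check_chain "$d/ldap-ca.pem" "$d/ldap.example.test.pem"
    check_chain "$d/other-ca.pem" "$d/ldap.example.test.pem"
    rm -rf "$d"
}

demo
```

With real files, `check_chain cacert.pem server.pem` shows whether cacert.pem is the issuer of the LDAP server's certificate, where server.pem is that certificate saved to a file.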
 

dlavigne

What error do you get when you try to import the certificate? Note that the passphrase field is optional and only required if the certificate has one.
 

freenas1

Passphrase:
  • Incorrect passphrase
and:
Serial:
  • Enter a whole number.
 

dlavigne

Which build version of FreeNAS (from System -> Information)?
 

dlavigne

Please create a bug report at bugs.freenas.org and post the issue number here.
 